<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2016/11/22 0022
 * Time: 上午 8:30
 */
header('Content-Type:text/html;charset=utf-8');
$error = array();
if(!empty($_POST)){
    $username = isset($_POST['username']) ? trim($_POST['username']) : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';
    require '../example18/check_form.lib.php';
    if(($result = checkUsername($username)) !== true)  $error[] = $result;
    if(($result = checkPassword($password)) !== true)  $error[] = $result;
    if(empty($error)){
        $link=mysqli_connect('localhost','root','') or die('数据库连接失败！');
        mysqli_query($link,'set names utf8');
        mysqli_query($link,'use `itcast`') or die('itcast数据库不存在！');
        $username = mysql_reali_escape_string($link,$username);
        $sql = "select `id`,`password` from `user` where `username`='$username'";
        if($rst = mysqli_query($link,$sql)){
            $row = mysqli_fetch_assoc($rst);
            $password = md5($password);
            if($password == $row['password']){
                session_start();
                $_SESSION['userinfo'] = array(
                    'id' => $row['id'],
                    'username' => $username
                );
                header('Location: user.php');
                die;
            }
        }
        $error[] = '用户名不存在或密码错误。';
    }
}
define('APP','itcast');
require 'login_html.php';